TIP: Click on subject to list as thread! ANSI
echo: alt-comp-anti-virus
to: ALL
from: VIRUS GUY
date: 2014-10-27 10:37:00
subject: Notice to Appear, from th
After 4.5 days of trying, the Ximian Evolution spammer finally found an
IP address that I wasn't blocking and put this "Notice to Appear"
between the uprights.  My server rejected some 2250 SMTP connection
attempts during those 4.5 days, no doubt some (or many?) of those were
the Ximian fool.

=============================
Return-Path: 
Received: from lawyerscaringforarizona.com ([64.135.3.78]) 
Subject: Notice to appear in court
X-Mailer: XimianEvolution1.4.6

Notice to Appear,

The copy of the court notice is attached to this letter.
Please, read it thoroughly.

Truly yours,
Clerk to the Court,
Carol Mason
===============================

And isin't that nice?

lawyerscaringforarizona.com

lawyers caring for arizona . com

And we thought that lawyers were scum.

VT is really slow tonight.

Here's the VT result:

https://www.virustotal.com/en/file/a8a5b56eef029eec01f83858317109641a2c3dd991de
2533d7b1b33b4f0ea8e6/analysis/1414453886/

Kaspersky is calling it Win32.Dapato (never seen that before).

Very bad detection rate - 10/54.  Here's who detected it:

AVware         Avast       DrWeb     ESET-NOD32
F-Prot         Kaspersky   Sophos    TrendMicro
TrendMicro-HC  VIPRE

And here's the hall of shame:

AVG           Ad-Aware       AegisLab         Agnitum 
AhnLab-V3     Antiy-AVL      Avira            Baidu-Int.
BitDefender   Bkav           ByteHero         CAT-SlowHeal
CMC           ClamAV         Comodo           Cyren
Emsisoft      F-Secure       Fortinet         GData
Ikarus        Jiangmin       K7AntiVirus      K7GW
Kingsoft      Malwarebytes   McAfee           McAfee-GW
MicroWorld    Microsoft      NANO-Antivirus   Norman
Qihoo-360     Rising         SUPERAntiSpyware Symantec
Tencent       TheHacker      TotalDefense     VBA32
ViRobot       Zillya         Zoner            nProtect

And we have more!  This one's hot-off-the-press (as of 3 hours ago):

----------------------------
Return-Path: 
Received: from employmentlawyersfortlauderdale.com ([76.184.137.116])
From: Notice to Appear 
Subject: Hearing of your case in Court
Mon, 27 Oct 2014 17:09:11 -0
X-Mailer: XimianEvolution1.4.6

Notice to Appear,

The copy of the court notice is attached to this letter.
Please, read it thoroughly.

Truly yours,
Clerk to the Court,
Lily Mason
------------------------------

Hmmm.  Lily Mason and Carol Mason both working in the same court house?

https://www.virustotal.com/en/file/438f30bda635325fd2f814a6861f7e13f07602713f93
0b5bea374367894d6759/analysis/1414454543/

This file is the exact same size as the first, but not binary
identical.  The exact same 10 AV programs are detecting this second file
just like the first file.

Get your copy of these files here:

http://www.filedropper.com/note6833copy
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
SOURCE: echomail via QWK@docsplace.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.